> On 29 Mar 2016, at 23:49, Tom Ritter wrote:
>
> On 29 March 2016 at 02:29, Sebastian Hahn wrote:
>> I've been wondering about the private_nets const in src/or/policies. It
>> was added in a96c0affcb4cda1a2e0d83d123993d10efc6e396 but Nick doesn't
>> remember why, and I'm hoping someone has an idea (maybe teor, who I've
>> CCed here, who documented this in a later commit?). If nobody knows why
>> we do this I think we should remove it as likely incorrect.
>
> ::/8 is Reserved by the IETF, it is (a superset of) the deprecated
> space for "IPv4 Compatible IPv6 Addresses". The addresses are not to
> be reassigned for any other purposes.
>
> Authoritative source:
> http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml
>
> I'm not necessarily sure what private networks are all used for in
> Tor, but maybe this explains it and makes sense?
/** Private networks. This list is used in two places, once to expand the
* "private" keyword when parsing our own exit policy, secondly to ignore
* just such networks when building exit policy summaries. It is important
* that all authorities agree on that list when creating summaries, so don't
* just change this without a proper migration plan and a proposal and stuff.
*/
So I think we should keep [::]/8 in the list of private addresses.
That said, the list of IPv4 and IPv6 private addresses in tor is incomplete,
and could be updated based on [0] [1] for IPv6, and [2] for IPv4 ([3] seems to
have too much information to be useful).
If we want to update it, we should consider:
private_nets
tor_addr_is_internal
(any other checks?)
We would need to write a proposal - at the very least, it would need a new
consensus method, and some discussion of what happens when clients and exits
disagree on the definition of what's private and what's not.
I don't think it's something I'll have time for, but if anyone else wants to
guide us through the process, I'd be happy to support it and review code.
Tim
[0]:
https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml
[1]:
https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml
[2]:
https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
[3]:
https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev